Integer Signedness Error in sockargs Function in FreeBSD 10.x

Integer Signedness Error in sockargs Function in FreeBSD 10.x

CVE-2016-1887 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Integer signedness error in the sockargs function in sys/kern/uipc_syscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service (memory overwrite and kernel panic) or gain privileges via a negative buflen argument, which triggers a heap-based buffer overflow.

Learn more about our User Device Pen Test.